23.07.2019, 09:06
Requirements Found to Transfer the Entire Runet to VPN
Source: OREANDA-NEWS
OREANDA-NEWS. The measures proposed by the Ministry of Communications within the framework of the law on “sovereign RuNet” to protect against phishing, or website spoofing, will require the construction of multiple virtual private networks - VPN, which is unrealistic, experts of the Russian Union of Industrialists and Entrepreneurs said in a response to the draft order of the department.
According to the draft Ministry of Communications, market participants should provide protection against unauthorized access to the equipment and software used to determine the network address of the site in case of entering a domain name in the address bar of the browser.
“Theoretically, an attacker can get access to information about which domain corresponds to which IP address and mail service, and if this is an intermediate request, to which server the request moves on. As a rule, theft of such information rarely happens, but attackers can “fake” a resource so that a user leaves, for example, his personal data or download an infected file - this is classic phishing”, explained the threat of a member of the working group attached to the union of industrialists and entrepreneurs. and one of the review authors, Alexey Semenyaka.
According to him, it's almost impossible to create a VPN connection for all resources on the Runet, as well as to estimate the necessary volume of expenses. He noted that the DNSSec protocol can protect against information modification, but so far less than 1% of domains are protected by it, and it still doesn't protect against viewing and copying data.
A number of draft bylaws related to the functioning of the national domain name system have also been criticized by experts. According to the document submitted for public discussion by federal service for supervision of communications, the Russian national domain zone will consist of sites that are located in .RU, .РФ and .SU zones.
According to the draft Ministry of Communications, market participants should provide protection against unauthorized access to the equipment and software used to determine the network address of the site in case of entering a domain name in the address bar of the browser.
“Theoretically, an attacker can get access to information about which domain corresponds to which IP address and mail service, and if this is an intermediate request, to which server the request moves on. As a rule, theft of such information rarely happens, but attackers can “fake” a resource so that a user leaves, for example, his personal data or download an infected file - this is classic phishing”, explained the threat of a member of the working group attached to the union of industrialists and entrepreneurs. and one of the review authors, Alexey Semenyaka.
According to him, it's almost impossible to create a VPN connection for all resources on the Runet, as well as to estimate the necessary volume of expenses. He noted that the DNSSec protocol can protect against information modification, but so far less than 1% of domains are protected by it, and it still doesn't protect against viewing and copying data.
A number of draft bylaws related to the functioning of the national domain name system have also been criticized by experts. According to the document submitted for public discussion by federal service for supervision of communications, the Russian national domain zone will consist of sites that are located in .RU, .РФ and .SU zones.
Комментарии